Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. Reported by researchers Clément Lecigne of Google’s Threat Analysis Group (TAG) and Donncha Ó Cearbhaill, the head of Amnesty International’s Security Lab, the vulnerabilities have been exploited in tandem to achieve full device compromise – with the likely (though not confirmed) goal to install spyware on target devices. About the vulnerabilities CVE-2023-28205 is a use … More
The post Apple rushes fixes for exploited zero-days in iPhones and Macs (CVE-2023-28205, CVE-2023-28206) appeared first on Help Net Security.